Attacks that choose us. Good sleep only for banks

Don’t make it harder than it has to be. This year, fraudsters adopted this motto in hunting for bank customers’ money. The technological attacks on banks of past years have been replaced by fraudulent calls to citizens from the “bank security service.” The costs are minimal, and the effect is maximal. And most importantly, no one thinks to fight this.

“Hello, this is the bank security service calling.” In 2019, the majority of fraudulent attacks in the Russian financial system began with this phrase and not with a complex technological attack on a credit institution’s security systems. Attackers changed their investment strategy, investing not in advanced technologies but in psychological skills. A phone call is the only technology needed for social engineering fraud. Modern IP telephony technologies allow attackers to place the call so that the victim sees the correct bank number on the mobile phone. It is simple and inexpensive.

The new strategy proved to be very successful. There are no official figures for the market as a whole. However, Sberbank alone received 2.5 million complaints from individuals about such fraudulent calls during 11 months of 2019. This number has grown 15-fold compared to 2017. To gain the victim’s trust, the attackers used information from various leaked databases. In 2019, the number of such databases grew drastically. We are talking about tens of millions of bank customers.

Veronika Goryacheva

Published December 27, 2019, in Kommersant No. 240